Krinye • about 10 years ago
Confirmation: OUATH - Mobile
Last time, we were told that the Ouath feature for native apps had not been completed...in that we can not use and consume the the Green Data API endpoints from within an native application. Is this true?
Comments are closed.
6 comments
Yuri Shteinman • about 10 years ago
Is anybody monitoring this forum from admins? I haven't received any answers few days already.
Lindsay Archibald Manager • about 10 years ago
Hi Yuri/@yshteinm, I sent you an email yesterday - hopefully you got it?
Our technical advisor is travelling at the moment so there is some delay in responding to these questions. We will respond by email and post the answers on the forum.
Thanks,
Lindsay
energyapps@marsdd.com
Yuri Shteinman • about 10 years ago
From what I understand the major part of OAuth is callback URI where access token is provided. How it suppose to work on mobile device?
Krinye • about 10 years ago
This might give you a better understanding.
http://nilvec.com/implementing-client-side-oauth-on-android.html
Lindsay Archibald Manager • about 10 years ago
re: the original question:
To clarify, mobile / direct applications are currently supported by the Ontario Green Button Connect My Data Reference Architecture. As mobile applications cannot expose their own endpoints, asynchronous reads and subscription based updates will not be available to these types of applications. However, synchronous data transfers are fully available. It should also be mentioned that mobile apps will also require co-ordination with a corporate web infrastructure to manage the authorization process, as the OAuth 2.0 authorization workflow currently utilized requires such an infrastructure. Please see the notes in section 4.4 and 7.1.3 of the reference Architecture Document for further details on this point.
gellis519 • about 10 years ago
Further to the above, the Authorized Third Party (ATP) portal in the test can be used as your "portal infrastructure" in the interim. First register your app with the ATP via the Administration menu. Then use the tool to initiate the authorization process for a given Data Custodian customer. Upon successful completion of the authorization process, the returned access and refresh tokens are displayed in the ATP user interface. You can use these tokens in your mobile application for testing and demonstration purposes.